Hi list,

I have tried to find a thread for this problem without any success. We’re using Geoserver 2.7 with Jetty and we have one whole workspace behind username and password. At Security we have created a role and gave this role to one particular username. This user has now only read access to this workspace. How this username can be written in request logs? In these log files we get user ip, GET request, packet size and client id etc. What I need to do to solve my problem?

Best regards

Mr. Ville Jussila

On Thu, May 21, 2015 at 7:38 AM, Jussila Ville <ville.jussila@anonymised.com> wrote:

Hi list,

I have tried to find a thread for this problem without any success. We're
using Geoserver 2.7 with Jetty and we have one whole workspace behind
username and password. At Security we have created a role and gave this
role to one particular username. This user has now only read access to this
workspace. How this username can be written in request logs? In these log
files we get user ip, GET request, packet size and client id etc. What I
need to do to solve my problem?

You need to install the monitoring extension, and configure it it "audit"
mode,
the request details should contain the user that made the request in the
RemoteUser field:
http://docs.geoserver.org/stable/en/user/extensions/monitoring/audit.html

Cheers
Andrea

--

Meet us at the INSPIRE Conference in Lisbon 25-29 May 2015! Visit
http://goo.gl/WHKDXT for more information.

Ing. Andrea Aime
@geowolf
Technical Lead

GeoSolutions S.A.S.
Via Poggio alle Viti 1187
55054 Massarosa (LU)
Italy
phone: +39 0584 962313
fax: +39 0584 1660272
mob: +39 339 8844549

http://www.geo-solutions.it
http://twitter.com/geosolutions_it

*AVVERTENZE AI SENSI DEL D.Lgs. 196/2003*

Le informazioni contenute in questo messaggio di posta elettronica e/o
nel/i file/s allegato/i sono da considerarsi strettamente riservate. Il
loro utilizzo è consentito esclusivamente al destinatario del messaggio,
per le finalità indicate nel messaggio stesso. Qualora riceviate questo
messaggio senza esserne il destinatario, Vi preghiamo cortesemente di
darcene notizia via e-mail e di procedere alla distruzione del messaggio
stesso, cancellandolo dal Vostro sistema. Conservare il messaggio stesso,
divulgarlo anche in parte, distribuirlo ad altri soggetti, copiarlo, od
utilizzarlo per finalità diverse, costituisce comportamento contrario ai
principi dettati dal D.Lgs. 196/2003.

The information in this message and/or attachments, is intended solely for
the attention and use of the named addressee(s) and may be confidential or
proprietary in nature or covered by the provisions of privacy act
(Legislative Decree June, 30 2003, no.196 - Italy's New Data Protection
Code).Any use not in accord with its purpose, any disclosure, reproduction,
copying, distribution, or either dissemination, either whole or partial, is
strictly forbidden except previous formal approval of the named
addressee(s). If you are not the intended recipient, please contact
immediately the sender by telephone, fax or e-mail and delete the
information in this message that has been received in error. The sender
does not give any warranty or accept liability as the content, accuracy or
completeness of sent messages and accepts no responsibility for changes
made after they were sent or for other risks which arise as a result of
e-mail transmission, viruses, etc.

-------------------------------------------------------

Hi Andrea,

Thanks for your reply. I installed monitoring extension and configured it in audit mode. I’m able of getting all the information except RemoteUser. I get the RemoteUserAgent, but not the User. Is this RemoteUser login possible with client like Qgis etc?

Cheers

Ville

Lähettäjä: andrea.aime@…84… [mailto:andrea.aime@…84…] Puolesta Andrea Aime
Lähetetty: 21. toukokuuta 2015 16:27
Vastaanottaja: Jussila Ville
Kopio: geoserver-users@lists.sourceforge.net
Aihe: Re: [Geoserver-users] Username logging in request logs

Is the qgis client authenticating with username and password?

Cheers
Andrea

Il 21/mag/2015 21:04, “Jussila Ville” <ville.jussila@anonymised.com> ha scritto:

Hi Andrea,

Thanks for your reply. I installed monitoring extension and configured it in audit mode. I’m able of getting all the information except RemoteUser. I get the RemoteUserAgent, but not the User. Is this RemoteUser login possible with client like Qgis etc?

Cheers

Ville

Lähettäjä: andrea.aime@anonymised.com [mailto:andrea.aime@anonymised.com] Puolesta Andrea Aime
Lähetetty: 21. toukokuuta 2015 16:27
Vastaanottaja: Jussila Ville
Kopio: geoserver-users@lists.sourceforge.net
Aihe: Re: [Geoserver-users] Username logging in request logs

On Thu, May 21, 2015 at 7:38 AM, Jussila Ville <ville.jussila@…7074…> wrote:

Hi list,

I have tried to find a thread for this problem without any success. We’re using Geoserver 2.7 with Jetty and we have one whole workspace behind username and password. At Security we have created a role and gave this role to one particular username. This user has now only read access to this workspace. How this username can be written in request logs? In these log files we get user ip, GET request, packet size and client id etc. What I need to do to solve my problem?

You need to install the monitoring extension, and configure it it “audit” mode,

the request details should contain the user that made the request in the RemoteUser field:

http://docs.geoserver.org/stable/en/user/extensions/monitoring/audit.html

Cheers

Andrea

–

==

Meet us at the INSPIRE Conference in Lisbon 25-29 May 2015! Visit http://goo.gl/WHKDXT for more information.

==

Ing. Andrea Aime

@geowolf

Technical Lead

GeoSolutions S.A.S.

Via Poggio alle Viti 1187

55054 Massarosa (LU)

Italy

phone: +39 0584 962313

fax: +39 0584 1660272

mob: +39 339 8844549

http://www.geo-solutions.it

http://twitter.com/geosolutions_it

AVVERTENZE AI SENSI DEL D.Lgs. 196/2003

Le informazioni contenute in questo messaggio di posta elettronica e/o nel/i file/s allegato/i sono da considerarsi strettamente riservate. Il loro utilizzo è consentito esclusivamente al destinatario del messaggio, per le finalità indicate nel messaggio stesso. Qualora riceviate questo messaggio senza esserne il destinatario, Vi preghiamo cortesemente di darcene notizia via e-mail e di procedere alla distruzione del messaggio stesso, cancellandolo dal Vostro sistema. Conservare il messaggio stesso, divulgarlo anche in parte, distribuirlo ad altri soggetti, copiarlo, od utilizzarlo per finalità diverse, costituisce comportamento contrario ai principi dettati dal D.Lgs. 196/2003.

The information in this message and/or attachments, is intended solely for the attention and use of the named addressee(s) and may be confidential or proprietary in nature or covered by the provisions of privacy act (Legislative Decree June, 30 2003, no.196 - Italy’s New Data Protection Code).Any use not in accord with its purpose, any disclosure, reproduction, copying, distribution, or either dissemination, either whole or partial, is strictly forbidden except previous formal approval of the named addressee(s). If you are not the intended recipient, please contact immediately the sender by telephone, fax or e-mail and delete the information in this message that has been received in error. The sender does not give any warranty or accept liability as the content, accuracy or completeness of sent messages and accepts no responsibility for changes made after they were sent or for other risks which arise as a result of e-mail transmission, viruses, etc.

---

Hi

@Andrea, I am quite sure that qgis is using Basic Authentication.

There is an open issue about the problem with the username, look here

https://osgeo-org.atlassian.net/browse/GEOS-6144

Not sure if we should try to apply the quick fix or to invest some time. As an example, we would have to check if the code snippet works for CAS authentication.

Cheers
Christian

On Fri, May 22, 2015 at 10:35 AM, Christian Mueller <
christian.mueller@anonymised.com> wrote:

Hi

@Andrea, I am quite sure that qgis is using Basic Authentication.

There is an open issue about the problem with the username, look here

https://osgeo-org.atlassian.net/browse/GEOS-6144

Not sure if we should try to apply the quick fix or to invest some time.
As an example, we would have to check if the code snippet works for CAS
authentication.

Fixing issues is always welcomed. That said, is basic authentication
affected by the above issue?

Cheers
Andrea

--

Meet us at the INSPIRE Conference in Lisbon 25-29 May 2015! Visit
http://goo.gl/WHKDXT for more information.

Ing. Andrea Aime
@geowolf
Technical Lead

GeoSolutions S.A.S.
Via Poggio alle Viti 1187
55054 Massarosa (LU)
Italy
phone: +39 0584 962313
fax: +39 0584 1660272
mob: +39 339 8844549

http://www.geo-solutions.it
http://twitter.com/geosolutions_it

*AVVERTENZE AI SENSI DEL D.Lgs. 196/2003*

Le informazioni contenute in questo messaggio di posta elettronica e/o
nel/i file/s allegato/i sono da considerarsi strettamente riservate. Il
loro utilizzo è consentito esclusivamente al destinatario del messaggio,
per le finalità indicate nel messaggio stesso. Qualora riceviate questo
messaggio senza esserne il destinatario, Vi preghiamo cortesemente di
darcene notizia via e-mail e di procedere alla distruzione del messaggio
stesso, cancellandolo dal Vostro sistema. Conservare il messaggio stesso,
divulgarlo anche in parte, distribuirlo ad altri soggetti, copiarlo, od
utilizzarlo per finalità diverse, costituisce comportamento contrario ai
principi dettati dal D.Lgs. 196/2003.

The information in this message and/or attachments, is intended solely for
the attention and use of the named addressee(s) and may be confidential or
proprietary in nature or covered by the provisions of privacy act
(Legislative Decree June, 30 2003, no.196 - Italy's New Data Protection
Code).Any use not in accord with its purpose, any disclosure, reproduction,
copying, distribution, or either dissemination, either whole or partial, is
strictly forbidden except previous formal approval of the named
addressee(s). If you are not the intended recipient, please contact
immediately the sender by telephone, fax or e-mail and delete the
information in this message that has been received in error. The sender
does not give any warranty or accept liability as the content, accuracy or
completeness of sent messages and accepts no responsibility for changes
made after they were sent or for other risks which arise as a result of
e-mail transmission, viruses, etc.

-------------------------------------------------------

Hi Andrea

Every authentication mechanism is affected.

The code snippet in the issue not a fix, this is a hack and there is no guarantee that this hack is working for all authentication protocols.

Technical solution:

Each authentication mechanism is based on an GeoServerSecurityProvider object. My idea is to have a reference from the authentication object to the provider. The provider should have a method “extractPrincipal” returning a string. This not easy since we use third party libraries from Spring and CAS.

About privacy protection:

Many countries/enterprises/institutions do not allow grabbing statistical data for specific users. For my biggest customer I solved the problem by storing MD5 checksums of the username into PIWIK. As a consequence we need a method extractPrincipalAsMD5 (or another algorithm) which gives the possibility to collect and analyze anonymous statistical data.

The checksum of the user name should be the default and there is a need to integrate this concept into the monitoring extension (including the GUI).

I hope Justin will give some input.

Thanks for feedback.
Christian

On Fri, May 22, 2015 at 11:35 AM, Christian Mueller <
christian.mueller@anonymised.com> wrote:

Hi Andrea

Every authentication mechanism is affected.

In that case I guess applying the quick fix is better than nothing.
Investing some time would be better of course, but let's not
have best killing better.

The code snippet in the issue not a fix, this is a hack and there is no
guarantee that this hack is working for all authentication protocols.

Technical solution:

Each authentication mechanism is based on an GeoServerSecurityProvider
object. My idea is to have a reference from the authentication object to
the provider. The provider should have a method "extractPrincipal"
returning a string. This not easy since we use third party libraries from
Spring and CAS.

About privacy protection:

Many countries/enterprises/institutions do not allow grabbing statistical
data for specific users. For my biggest customer I solved the problem by
storing MD5 checksums of the username into PIWIK. As a consequence we need
a method extractPrincipalAsMD5 (or another algorithm) which gives the
possibility to collect and analyze anonymous statistical data.

Hum... interesting, however, we are not the law, also, and in most scenarios
were we used monitoring in audit mode, the clear username 99% of the reason
why monitoring is used (to track who did what and when).

Instead we should inform that collecting the user names might incur in
policy or legal issues, and provide a way to encode it if necessary.

The checksum of the user name should be the default and there is a need to
integrate this concept into the monitoring extension (including the GUI).

Not by default, breaks backwards compatibility

Cheers
Andrea

--

Meet us at the INSPIRE Conference in Lisbon 25-29 May 2015! Visit
http://goo.gl/WHKDXT for more information.

Ing. Andrea Aime
@geowolf
Technical Lead

GeoSolutions S.A.S.
Via Poggio alle Viti 1187
55054 Massarosa (LU)
Italy
phone: +39 0584 962313
fax: +39 0584 1660272
mob: +39 339 8844549

http://www.geo-solutions.it
http://twitter.com/geosolutions_it

*AVVERTENZE AI SENSI DEL D.Lgs. 196/2003*

Le informazioni contenute in questo messaggio di posta elettronica e/o
nel/i file/s allegato/i sono da considerarsi strettamente riservate. Il
loro utilizzo è consentito esclusivamente al destinatario del messaggio,
per le finalità indicate nel messaggio stesso. Qualora riceviate questo
messaggio senza esserne il destinatario, Vi preghiamo cortesemente di
darcene notizia via e-mail e di procedere alla distruzione del messaggio
stesso, cancellandolo dal Vostro sistema. Conservare il messaggio stesso,
divulgarlo anche in parte, distribuirlo ad altri soggetti, copiarlo, od
utilizzarlo per finalità diverse, costituisce comportamento contrario ai
principi dettati dal D.Lgs. 196/2003.

The information in this message and/or attachments, is intended solely for
the attention and use of the named addressee(s) and may be confidential or
proprietary in nature or covered by the provisions of privacy act
(Legislative Decree June, 30 2003, no.196 - Italy's New Data Protection
Code).Any use not in accord with its purpose, any disclosure, reproduction,
copying, distribution, or either dissemination, either whole or partial, is
strictly forbidden except previous formal approval of the named
addressee(s). If you are not the intended recipient, please contact
immediately the sender by telephone, fax or e-mail and delete the
information in this message that has been received in error. The sender
does not give any warranty or accept liability as the content, accuracy or
completeness of sent messages and accepts no responsibility for changes
made after they were sent or for other risks which arise as a result of
e-mail transmission, viruses, etc.

-------------------------------------------------------